| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
* 2006-05-13 13:16 (Minor) On some systems POSIX AIO functions are in libaio
* 2006-05-14 15:41 (Medium) Memory leak in header processing related to external_acl or custom log formats
* 2006-05-14 15:41 (Major) memory leak in ident processing
* 2006-05-14 15:41 (Medium) Memleak in HTCP client code
* 2006-05-14 15:41 (Minor) Mime icons are not displayed when viewing ftp sites when
* 2006-05-14 15:41 (Cosmetic) SQUIDHOSTNAMELEN issues
* 2006-05-14 15:41 (Cosmetic) Current release is STABLE13, not 12..
Bump PKGREVISION.
|
|
(hi phone! :-)
changes since bozohttpd 20050410:
o make directory indexing mode not look so ugly
o build a text version of the manual page
o make "make clean" work properly
|
|
|
|
Major changes since 6.4:
- Fixed CVE-2006-2237.
- All geoip plugins support the PurePerl version.
- Possible use of vhost in extra section.
- Support IPv6 in AllowAccessFromWebToFollowingIPAddresses parameter.
- Added svn family to browsers detection.
- RSS catcher/readers in robot database.
- LogFormat=2 can now change its value dynamically if logformat change.
- More new features and bug fixes.
|
|
Based on PR pkg/33458 from david l goodrich.
I won't bump PKGREVISION since this is very trivial change and I'll commit
another changes soon.
|
|
Bump pkgrevision.
Reported by Jaromir Dolecek.
|
|
|
|
of quanta.
|
|
|
|
An Apache module designed to provide Kerberos authentication to the
Apache web server. Using the Basic Auth mechanism, it retrieves a
username/password pair from the browser and checks them against a
Kerberos server as set up by your particular organization. The module
also supports the Negotiate authentication method, which performs full
Kerberos authentication based on ticket exchanges, and does not require
users to insert their passwords to the browser.
|
|
Library for enabling GSSAPI authentication in LWP
|
|
0.05dev to 0.05.1dev:
+ Compatibiliy with newer Tk versions, especially 804.027 and above
+ Documentation bugfix for how to install it locally
+ Address change in the license
|
|
|
|
|
|
|
|
|
|
php-* modules failed on Darwin because gcc was used to link them.
Thanks to John Klos for testing.
Bump PKGREVISION.
|
|
* Designed and implemented a dpi protocol library (libDpip.a in /dpip).
* Added a couple of new dpip commands.
* Fixed and uniformed the escaping of values inside dpip tags.
* Ported the bookmarks, download, file, https, ftp and hello plugins,
plus the dpid daemon and the rest of the source tree to use it.
* Improved the dpi buffer reception to handle split buffers (This was
required for handling arbitrary data streams with dpip).
* Fixed a serious bug with the FTP plugin that led to two downloads of the
same file when left-clicking a non-viewable file.
* Added MIME/type detection to the FTP plugin, and removed popen().
* Set the dpi daemon (dpid) not to exit when the downloads dpi is running.
* Improved the accuracy of the illegal-character error reporting for URLs.
* Added DOCTYPE parsing (for better bug-meter error messages).
* Added a check for malicious image sizes in IMG tags.
* Made the parser aware of buggy pages with multiple BODY and HTML elements.
* Fixed a bug in MIME content/type detection.
* Moved the cookies management into a dpi server: cookies.dpi.
* Added "./configure --disable-threaded-dns" (for some non reentrant BSDs).
|
|
changes:
-bugfixes
-added XulRunner support
|
|
2.08 Wed May 3 17:17:33 EDT 2006
- Implemented new rasterizer for grid mapping. Thanks to Roland
Schar for a tortuous example of span issues.
- Regular extraction and TREE mode are using the same
rasterizer now.
- Fixed HTML stripping for a header matching bug on single word
text in keep_html mode (thanks to Michael S. Muegel for
pointing the bug out)
2.07 Sun Feb 19 13:40:44 EST 2006
- Fixed subtable slicing bug
- Fixed hrow() attachment bug
- Added tests
|
|
and update to 0.6 which brings some UI fixes and improvents
|
|
to version 2.0.58. Change since Apache relase 2.0.55:
- Legal: Restored original years in copyright notices.
- mod_cgid: run the get_suexec_identity hook within the request-handler
instead of within cgid. Apache#36410.
- core: Prevent read of unitialized memory in ap_rgetline_core.
Apache#39282.
- mod_proxy: Report the proxy server name correctly in the "Via:" header,
when UseCanonicalName is Off. Apache#11971.
- mod_isapi: Various trivial code-fixes to permit mod_isapi to load and
run on Unix.
- HTML-escape the Expect error message. Not classed as security as
an attacker has no way to influence the Expect header a victim will
send to a target site. Reported by Thiago Zaninotti
<thiango nstalker.com>.
- SECURITY: CVE-2005-3357 (cve.mitre.org)
mod_ssl: Fix a possible crash during access control checks if a
non-SSL request is processed for an SSL vhost (such as the
"HTTP request received on SSL port" error message when an 400
ErrorDocument is configured, or if using "SSLEngine optional").
Apache#37791.
- SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imap: Escape untrusted referer header before outputting in HTML
to avoid potential cross-site scripting. Change also made to
ap_escape_html so we escape quotes. Reported by JPCERT.
- Add APR/APR-Util Compiled and Runtime Version numbers to the
output of 'httpd -V'.
- Ensure that the proper status line is written to the client, fixing
incorrect status lines caused by filters which modify r->status without
resetting r->status_line, such as the built-in byterange filter.
- Default handler: Don't return output filter apr_status_t values.
Apache#31759.
- mod_speling: Stop crashing with certain non-file requests.
- keep the Content-Length header for a HEAD with no response body.
Apache#18757
- Modify apr[util] .h detection to avoid breakage on VPATH builds
using Solaris make (amoung others) and avoid breakage in ./buildconf
when srclib/apr[-util] are symlinks rather than directories proper.
- Avoid server-driven negotiation when a CGI script has emitted an
explicit "Status:" header. Apache#38070.
- mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
format is used. Apache#27787.
- mod_cache: Correctly handle responses with a 301 status. Apache#37347.
- mod_proxy_http: Prevent data corruption of POST request bodies when
client accesses proxied resources with SSL. Apache#37145.
- Elimiated the NET_TIME filter, restructuring the timeout logic.
This provides a working mod_echo on all platforms, and ensures any
custom protocol module is at least given an initial timeout value
based on the <VirtualHost > context's Timeout directive.
- mod_ssl: Correct issue where mod_ssl does not pick up the
ssl-unclean-shutdown setting when configured. Apache#34452.
- Document the ReceiveBufferSize change done in r157583.
- mod_deflate: Merge the Vary header, instead of Setting it. Fixes
applications that send the Vary Header themselves. Apache#37559.
- mod_dav: Fix a null pointer dereference in an error code path during the
handling of MKCOL.
- mod_mime_magic: Handle CRLF-format magic files so that it works with
the default installation on Windows.
- Write message to error log if AuthGroupFile cannot be opened.
Apache#37566.
- Add ReceiveBufferSize directive to control the TCP receive buffer.
- mod_cache: Fix 'Vary: *' behavior to be RFC compliant. Apache#16125.
- Remove the base href tag from proxy_ftp, as it breaks relative
links for clients not using an Authorization header.
- http_request.c: Add missing va_end call.
- Add httxt2dbm to support/ for creating RewriteMap DBM Files.
- support/check_forensic: Fix temp file usage
- Chunk filter: Fix chunk filter to create correct chunks in the case that
a flush bucket is surrounded by data buckets.
- mod_cgi(d): Remove block on OPTIONS method so that scripts can
respond to OPTIONS directly rather than via server default.
Apache#15242
- Added new module mod_version, which provides version dependent
configuration containers.
- Add core version query function (ap_get_server_revision) and
accompanying ap_version_t structure (minor MMN bump).
|
|
Zope 3.2.1
Bug fixes
- Fixed issue 573: @form.action(failure='name_of_method') didn't work.
- Fixed issue 568: Typo in basicskin css file.
- Fixed issue 560: Bug in default AddView class.
- Fixed issue 546: non-ASCII docstring cause
System Error in RootErrorReportingUtility.
- Fixed issue 544: VocabularyRegistryError missing import.
- Fixed issue 536: ErrorLogUtility has UnboundLocalError.
- zope.app.testing.functional.defineLayer
+ Use the method param instead of an hardcoded value for the
zcml filename
|
|
advertized version), so there's no reason to upgrade. :-)
Fixes a denial of service vulnerability (MFSA 2006-30).
|
|
XXX firefox-bin should share the mirror list
|
|
|
|
XXX why this has special MASTER_SITES setting? it should make use of
XXX list in mozilla-bin/Makefile.common
|
|
APC is the Alternative PHP Cache, which provides a way of boosting the
performance of PHP on heavily-loaded sites by allowing scripts to be cached
in a compiled state, so that the overhead of parsing and compiling can be
almost completely eliminated.
|
|
- Security fix for denial of service vulnerability reported in
Mozilla Foundation Security Advisory 2006-30
|
|
|
|
Kwiki-Wikiwyg is a Kwiki plugin that adds WYSIWYG editing capabilities
to a Kwiki. The underlying technology is Wikiwyg, a Javascript library
that can be easily integrated into any wiki or blog software. It
offers the user multiple ways to edit/view a piece of content:
* Wysiwyg mode - Simple, HTML, Design Mode editing.
* Wikitext mode - Standard, Wiki, Text Area editing.
* Preview mode - Display mode without saving changes.
Wikiwyg allows you to switch between modes, delegating some of the
processing to the server when necessary.
|
|
|
|
to rrdtools. Bump revision, since dependency list changed.
|
|
|
|
This Kwiki plugin can run a standalone HTTP server for the Kwiki under
the current working directory. It is helpful for debugging purposes
or for starting up a wiki site quickly. After installation, just run:
kwiki -start
and you can access the Kwiki site at http://localhost:8080/.
|
|
|
|
|
|
HTTP::Server::Simple::Static is a mixin class that adds a method to
serve static files with the correct Content-type MIME type headers.
|
|
|
|
HTTP::Server::Simple::Kwiki is a standalone webserver for Kwiki. This
means that you don't need to run it under a proper webserver. This
is intended mostly for debugging Kwiki, or for when you just want to
play with it without having to configure Apache.
|
|
include adding a new method to make it easier to create servers handling
non-standard HTTP verbs/actions.
|
|
A plugin for Kwiki that allows you to notify yourself by email when
some one updates a page. You can specify the To:, From: and
Subject: headers, but the email message body is not currently configurable.
|
|
|
|
|
|
Cherokee is a very fast, flexible and easy to configure Web Server. It
supports the widespread technologies nowadays: FastCGI, SCGI, PHP, CGI,
TLS and SSL encrypted connections, Virtual hosts, Authentication, on the
fly encoding, Apache compatible log files, and much more.
|
|
ftp://ftp.horde.org/pub/ to a backup
|
|
directory.
|
|
possible code injection, affecting nested iframes.
See https://bugzilla.mozilla.org/show_bug.cgi?id=334515 and
http://www.securident.com/vuln/ff.txt
bump PKGREVISION
|
|
changes: bugfixes and documentation improvements
|
|
changes:
* Added 64bit library path for Firefox
to start script
* Added fix a timezone parsing problem
* Added a workaround for a problem caused
by installing the gconf schemes from
earlier Liferea version, which caused
a HTML view zoom level of 0.
|
